FreeBSD Ports: cups-base

The remote host is missing an update to the system as announced in the referenced advisory.

The following package is affected: cups-base CVE-2008-1722 Multiple integer overflows in (1) filter/image-png.c and (2) filter/image-zoom.c in CUPS 1.3 allow attackers to cause a denial of service (crash) and trigger memory corruption, as demonstrated via a crafted PNG image. CVE-2008-5184 The web interface (cgi-bin/admin.c) in CUPS before 1.3.8 uses the guest username when a user is not logged on to the web server, which makes it easier for remote attackers to bypass intended policy and conduct CSRF attacks via the (1) add and (2) cancel RSS subscription functions.

Update your system with the appropriate patches or software upgrades. http://secunia.com/advisories/30190 http://www.cups.org/str.php?L2974 http://www.vuxml.org/freebsd/87106b67-be13-11dd-a578-0030843d3802.html